[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN110533410B - Payment method - Google Patents

Payment method Download PDF

Info

Publication number
CN110533410B
CN110533410B CN201910695624.2A CN201910695624A CN110533410B CN 110533410 B CN110533410 B CN 110533410B CN 201910695624 A CN201910695624 A CN 201910695624A CN 110533410 B CN110533410 B CN 110533410B
Authority
CN
China
Prior art keywords
payment
payer
random
payment amount
digit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910695624.2A
Other languages
Chinese (zh)
Other versions
CN110533410A (en
Inventor
卢振江
卢兆焓
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Henan Brother Technology Development Co ltd
Original Assignee
Henan Brother Technology Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Henan Brother Technology Development Co ltd filed Critical Henan Brother Technology Development Co ltd
Priority to CN201910695624.2A priority Critical patent/CN110533410B/en
Publication of CN110533410A publication Critical patent/CN110533410A/en
Application granted granted Critical
Publication of CN110533410B publication Critical patent/CN110533410B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3276Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being read by the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides a payment method, which comprises the following steps: the payment platform receives a payment request and payee account information of payer terminal equipment, wherein the payment request comprises the payer account information, payment amount, random time related to confirmation of the payment amount and a random password SA generated by the payer terminal equipment according to the payment amount and the random time related to confirmation of the payment amount; the payment platform verifies the timeliness of the payment request according to the random time related to the confirmation of the payment amount, generates a random password SB by the same method as the payer according to the payment amount in the payment request and the random time related to the confirmation of the payment amount after the timeliness verification of the payment request is passed, compares the random password SB with the random password SA, and if the random password SB is not equal to the random password SA, the authentication of the terminal equipment of the payer is failed, and the payment request is rejected; otherwise, the payer successfully verifies the identity and responds to the payment request.

Description

Payment method
Technical Field
The invention relates to the field of mobile payment, in particular to a payment method.
Background
With the popularization of the internet, mobile payment becomes a payment choice of more and more people, and the existing mobile payment has two payment methods, one is a payment method based on static password encryption, and the method is that a payee provides a two-dimensional code of payee account information and the payer scans the two-dimensional code to complete payment; the other payment method is based on dynamic password encryption, namely, a payer generates a dynamic two-dimensional code in a mobile phone, and a payee scans the two-dimensional code to complete payment; according to the relevant regulations, the mobile payment based on static password encryption has low confidentiality, each payment does not exceed a small upper limit of the amount, and a dynamic password encryption mode is necessary to complete the payment of a large amount through the mobile payment, which mainly provides good security for a mobile payer, but causes the condition of inconvenient operation.
In addition, both the payee and the payer who use the two payment methods have to be networked with the payment platform for real-time communication at the same time to complete payment, and for a remote location or an area with weak signal coverage of wireless signals, it is difficult to ensure that the payer and the payment platform always keep a real-time communication state, so that the mobile payment function is influenced, and further the use of a user is influenced.
In order to solve the above problems, people are always seeking an ideal technical solution.
Disclosure of Invention
The invention aims to overcome the defects of the prior art, and provides a payment method which can strengthen the safety and convenience of mobile payment, can realize mobile payment under the condition that a payee has a network signal and a payer does not have a network signal, has high safety and can realize secret-free payment.
In order to achieve the purpose, the invention adopts the technical scheme that: a payment method comprises a payer terminal device and a payment platform, and specifically comprises the following steps:
the payment platform receives a payment request and payee account information of payer terminal equipment, wherein the payment request comprises the payer account information, payment amount, random time related to confirmation of the payment amount and a random password SA generated by the payer terminal equipment according to the payment amount and the random time related to confirmation of the payment amount;
the payment platform verifies the timeliness of the payment request according to the random time related to the confirmation of the payment amount, generates a random password SB according to the payment amount in the payment request and the random time related to the confirmation of the payment amount after the timeliness verification of the payment request is passed, compares the random password SB with the random password SA, and if the random password SB is not equal to the random password SA, the identity verification of the terminal equipment of the payment party fails and rejects the payment request; otherwise, the payer successfully verifies the identity, responds to the payment request, and transfers the amount of money required to be paid in the payment request from the payer account to the payee account.
Based on the above, the steps of the payment platform receiving the payment request of the payer terminal device are as follows:
the payer terminal equipment sends a prepayment request to the payment platform, wherein the prepayment request comprises: a random password SA1 generated by the payer terminal device based on the payment amount and the time associated with the input of the payment amount;
after receiving the prepayment request, the payment platform verifies the timeliness of the prepayment request, if the timeliness verification is not passed, the prepayment request is rejected, otherwise, a random password SB1 is generated according to the time related to the input of the payment amount and the payment amount; comparing the random password SA1 with the random password SB1, and if the random password SA1 is not equal to the random password SB1, rejecting the prepayment request; if SA1= SB1, further confirming whether the payment amount exceeds the preset payment amount, if so, sending out the reminding information of exceeding the amount to the payer terminal, and rejecting the prepayment request, otherwise, returning random time related to the confirmation of the payment amount to the payer terminal equipment;
after receiving the random time which is returned by the payment platform and is relevant to the confirmation of the payment amount, the payer terminal equipment generates a random password SA according to the payment amount and the random time which is relevant to the confirmation of the payment amount, generates a payment request according to the payment amount, the random time which is relevant to the confirmation of the payment amount, the random password SA and the payer account information and displays the payment request in a two-dimensional code mode;
and scanning the two-dimensional code on the payer terminal equipment by the payee terminal equipment, analyzing the payment request contained in the two-dimensional code, and forwarding the payment request together with the account information of the payee to the payment platform.
Based on the above, the steps of the payment platform receiving the payment request of the payer terminal device are as follows:
scanning a collection two-dimensional code of the payee terminal equipment by the payer terminal equipment to obtain payee account information, and displaying payee information;
the payer terminal equipment inputs the payment amount and displays the payment amount in a special picture form for the payer to confirm;
the payer terminal equipment generates a random password SA according to the payment amount and the random time related to the confirmation of the payment amount, generates a payment request according to the payment amount, the random time related to the confirmation of the payment amount, the random password SA and the payer account information, and displays the payment amount and the payee account information through a special picture for the payer to confirm again;
and the payer terminal equipment sends the confirmed payee account information and the payment request to the payment platform.
Based on the above, the steps of the payment platform receiving the payment request of the payer terminal device are as follows:
the payer terminal equipment displays the input payment amount in a special picture mode for the payer to confirm in an off-line payment state;
the payer terminal equipment generates a random password SA according to the payment amount and the random time related to the confirmation of the payment amount, and generates a payment request for the payment amount, the random time related to the confirmation of the payment amount, the random password SA and the payer account information and displays the payment request in a two-dimensional code form;
and scanning the two-dimensional code on the payer terminal equipment by the payee terminal equipment, analyzing the payment request contained in the two-dimensional code, and forwarding the payment request together with the account information of the payee to the payment platform.
Based on the above, the payment platform issues the offline payment total amount to the payer terminal device in advance, after the payer terminal device receives the offline payment instruction, the offline payment total amount, the accumulated used offline payment amount and the remaining offline payment amount are displayed, whether the input payment amount is less than or equal to the remaining offline payment amount is judged, and if the input payment amount is greater than the remaining offline payment amount, offline payment cannot be performed; and if the payment amount is less than or equal to the remaining offline payment amount, the payment amount is displayed by the payer terminal equipment in a special picture form for the payer to confirm.
Based on the above, the special picture is a currency picture combination of one or more currency values.
Based on the above, the payer terminal device needs to register on the payment platform, and the registration information includes a random password generation algorithm and a randomly acquired binary digit access string.
Based on the above, the steps of obtaining the binary digit access string are as follows:
the method comprises the steps that a payer terminal device randomly obtains a section of image file or audio file or video file;
converting an image file or an audio file or a video file into a binary digital sequence;
traversing the binary digit sequence, and judging whether more than n continuously arranged same digits '1' and/or more than m continuously arranged same digits '0' exist in the binary digit sequence, wherein if so, replacing more than n continuously arranged same digits '1' with one digit '1' and/or more than m continuously arranged same digits '0' with one digit '0', and the replacement result is that no more than n continuously arranged same digits '1' and more than m continuously arranged same digits '0' appear in the converted file, thus obtaining the binary digit sequence after multiple repetitive arrangement, wherein n is more than or equal to 4, and m is more than or equal to 4;
and sequentially intercepting M digits in the binary digit sequence to form a binary digit access string.
Based on the above, the random password generation algorithm is:
adding numbers representing the elements, angles and minutes in the payment amount to obtain a number L, adding the last two digits of the number of years, the number of months, the number of days, the number of hours, the number of minutes and/or the number of seconds of the time related to the payment application to obtain a number T, and adding the number L and the number T to obtain a random number N;
intercepting j-N digits in the binary digit taking string as a binary digit Q, wherein j is an integer larger than zero;
and adding the binary number Q and the random password used for the previous time to obtain the random password used for the current time, wherein the initial value of the random password used for the first time is 1.
Based on the above, when the binary digit fetching string is intercepted for the 1 st time, j × N is intercepted from the first bit of the binary digit fetching string1The digit number is used as a binary number Q; when intercepting the binary digit string at the 2 nd time, taking the jth N of the string from the binary digit1Starting at + x position and cutting out j x N2The digit number is used as a binary number Q;
when the ith interception is carried out, the residual digit Y of the binary digit taking string is calculated,
Figure 398434DEST_PATH_IMAGE002
and judging whether the residual digit Y is greater than or equal to x + j NiIf Y is greater than or equal to x + j NiFrom the remaining Y-bit binary numberBeginning at the x-th bit of the word, cutting j x N backwardiThe digit number is used as a binary number Q;
if Y is less than x + j NiContinuously judging whether the residual digit Y is greater than x, if so, intercepting the last digit from the x-th digit of the residual Y-digit binary number to obtain a U-digit binary number, and intercepting the j × N from the first digit of the binary number taking stringi-U bit, truncated j x Ni-the first digit of the U-bit binary number is connected to the last digit of the U-bit binary number, generating j x NiThe binary number Q of the bit, and when the (i + 1) th bit is intercepted, the jth × N of the string is taken from the binary numberi-U + x bits start backward truncation;
otherwise, the x-Y +1 bit of the binary digit fetching string is intercepted backwards by j x NiThe binary digit of the bit is used as a binary number Q; taking the x-Y + j N of the string from the binary digit at the time of the (i + 1) th interceptioniStarting at + x position and cutting out j x Ni+1Wherein N isi+1Intercepting a random number N obtained before the (i + 1) th time;
wherein i is an integer greater than 2, x is a predetermined integer, and N is1For the random number N, N obtained before the first interception2For the random number N, N obtained before the first interceptioni-1For the random number N, N obtained before the i-1 th interceptioniThe random number N obtained before the i-th truncation is obtained.
Compared with the prior art, the invention has outstanding substantive characteristics and remarkable progress, particularly,
(1) by adopting the mode that the payment platform authenticates the identity of the payer terminal equipment, no matter the online payment or the offline payment is carried out, no matter the payee provides a two-dimensional code of the account information of the payee, the payer scans and beats the two-dimensional code to complete the payment, or the payer generates a dynamic two-dimensional code in the payer terminal equipment, and the payee scans and beats the two-dimensional code to complete the payment, the payer does not need to input a static password, so that the operation steps of a user are simplified while better safety is provided for the mobile payer.
(2) The payment platform is adopted to issue the offline payment amount to the payer, and the payer can respond to the payment request as long as the payment amount does not exceed the remaining offline payment amount, so that the payer can complete mobile payment under the condition of no mobile network conveniently.
(3) Because the binary digit access string and the random digit N used in the process of generating the random password by the payment platform and the terminal equipment of the payer are both obtained randomly, the length of the generated random password is also random, and the last random password also participates in the generation process of the random password, and the multiple random enables the random password to have the characteristics of difficult deciphering and unrepeatable generation, so that if the random passwords sent by the payment platform and the terminal equipment of the payer are the same, the terminal equipment of the payer can be verified to have the legal identity, and the correctness of the authentication of the terminal equipment of the payer is greatly improved.
Detailed Description
The technical solution of the present invention is further described in detail by the following embodiments.
Example 1
A payment method comprises a payer terminal device and a payment platform, and specifically comprises the following steps:
the payment platform receives a payment request and payee account information of payer terminal equipment, wherein the payment request comprises the payer account information, payment amount, random time related to confirmation of the payment amount and a random password SA generated by the payer terminal equipment according to the payment amount and the random time related to confirmation of the payment amount;
the payment platform verifies the timeliness of the payment request according to the random time related to the confirmation of the payment amount, generates a random password SB according to the payment amount in the payment request and the random time related to the confirmation of the payment amount after the timeliness verification of the payment request is passed, compares the random password SB with the random password SA, and if the random password SB is not equal to the random password SA, the identity verification of the terminal equipment of the payment party fails and rejects the payment request; otherwise, the payer successfully verifies the identity, responds to the payment request, and transfers the amount of money required to be paid in the payment request from the payer account to the payee account.
Specifically, the step of receiving, by the payment platform, the payment request and the payee account information of the payer terminal device includes:
the payer terminal device sends a prepayment request to the payment platform, wherein the prepayment request comprises a payment amount, time related to input of the payment amount and a random password SA1 generated by the payer terminal device according to the payment amount and the time related to input of the payment amount;
after receiving the prepayment request, the payment platform verifies the timeliness of the prepayment request, if the timeliness verification is not passed, the prepayment request is rejected, otherwise, a random password SB1 is generated according to the time related to the input of the payment amount and the payment amount; comparing the random password SA1 with the random password SB1, and if the random password SA1 is not equal to the random password SB1, rejecting the prepayment request; if SA1= SB1, further confirming whether the payment amount exceeds the preset payment amount, if so, sending out the reminding information of exceeding the amount to the payer terminal, and refusing the prepayment request, otherwise, returning the random time related to the confirmation of the payment amount to the payer terminal equipment;
after receiving the random time which is returned by the payment platform and is relevant to the confirmation of the payment amount, the payer terminal equipment generates a random password SA according to the payment amount and the random time which is relevant to the confirmation of the payment amount, generates a payment request according to the payment amount, the random time which is relevant to the confirmation of the payment amount, the random password SA and the payer account information and displays the payment request in a two-dimensional code mode;
and scanning the two-dimensional code on the payer terminal equipment by the payee terminal equipment, analyzing the payment request contained in the two-dimensional code, and forwarding the payment request together with the account information of the payee to the payment platform.
Because a certain time is needed from the time when the payment platform returns the random time related to the confirmation of the payment amount to the time when the payer generates the random password SA according to the payment amount and the random time related to the confirmation of the payment amount, a certain time is also needed from the time when the payer generates the payment request to the time when the payment platform receives the payment request, the communication timeliness of the two parties of the payer and the payment platform needs to be verified in consideration of the communication time difference between the payer and the payment platform and the safety of the payment request, and the payer and the payment platform use the same time service clock through standard time service.
Specifically, before the payment platform generates the random password SB, whether the time interval between the random time related to the confirmation of the payment amount in the payment request and the time of actually receiving the payment request is larger than a preset time threshold value or not is judged, if so, the timeliness verification of the payment request is successful, and the random password SB is continuously generated; otherwise, the timeliness verification of the payment request fails, and the information of the payment failure is returned to the payer. The length of the preset time threshold is determined by the system, the payer and the payment platform according to the mobile signal condition and the comprehensive factors of the region.
It should be noted that: before the payer terminal equipment pays for the first time, the payer terminal equipment needs to be registered on a payment platform, and the registration information comprises a random password generation algorithm and a randomly acquired binary digital access string.
The method comprises the following steps of obtaining a binary digit access string:
the method comprises the steps that a payer terminal device randomly obtains a section of image file or audio file or video file;
converting an image file or an audio file or a video file into a binary digital sequence;
traversing the binary digit sequence, and judging whether more than n continuously arranged same digits '1' and/or more than m continuously arranged same digits '0' exist in the binary digit sequence, wherein if so, replacing more than n continuously arranged same digits '1' with one digit '1' and/or more than m continuously arranged same digits '0' with one digit '0', and the replacement result is that no more than n continuously arranged same digits '1' and more than m continuously arranged same digits '0' appear in the converted file, thus obtaining the binary digit sequence after multiple repetitive arrangement, wherein n is more than or equal to 4, and m is more than or equal to 4;
and sequentially intercepting M digits in the binary digit sequence to form a binary digit access string, wherein M is an integer.
In the steps, the acquisition of the image file and/or the audio file is random, and the same numbers which are continuously arranged in a plurality of bits in the binary number sequence obtained by converting the image file and/or the audio file are removed, so that the finally obtained binary number access string has non-repeatable generation and randomness, the safety of the acquired random password SB is improved, and the correctness of the identity verification of the paying party is ensured.
Specifically, the random password generation algorithm is as follows:
adding numbers representing the elements, angles and minutes in the payment amount to obtain a number L, adding last two digits of the number of years, the number of months, the number of days, the number of hours, the number of minutes and/or the number of seconds of the time related to the payment application to obtain a number T, and adding the number L and the number T to obtain a random number N;
intercepting j-N digits in the binary digit taking string as a binary digit Q, wherein j is an integer larger than zero;
and adding the binary number Q and the random password generated at the previous time to obtain the random password used at this time, wherein the initial value of the random password used at the first time is 1.
Because the binary digit access string and the random digit N used in the password generation method are both randomly acquired, the length of the generated random password is also random, and the generated password has indecipherability and high safety due to multiple random; and because the password generation process also comprises the last random password, the security of the password is further improved.
Specifically, when the binary digit fetching string is intercepted for the 1 st time, j × N is intercepted from the first bit of the binary digit fetching string1The digit number is used as a binary number Q; when intercepting the binary digit string at the 2 nd time, taking the jth N of the string from the binary digit1Starting at + x position and cutting out j x N2The digit number is used as a binary number Q;
when the ith interception is carried out, the residual digit Y of the binary digit taking string is calculated,
Figure 784416DEST_PATH_IMAGE002
and judging whether the residual digit Y is greater than or equal to x + j NiIf Y is greater than or equal to x + j NiThen, the bit x of the remaining Y-bit binary digit is cut back by j x NiThe digit number is used as a binary number Q;
if Y is less than x + j NiContinuously judging whether the residual digit Y is greater than x, if so, intercepting the last digit from the x-th digit of the residual Y-digit binary number to obtain a U-digit binary number, and intercepting the j × N from the first digit of the binary number taking stringi-U bit, truncated j x Ni-the first digit of the U-bit binary number is connected to the last digit of the U-bit binary number, generating j x NiThe binary number Q of the bit, and when the (i + 1) th bit is intercepted, the jth × N of the string is taken from the binary numberi-U + x bits start backward truncation;
otherwise, the x-Y +1 bit of the binary digit fetching string is intercepted backwards by j x NiThe binary digit of the bit is used as a binary number Q; taking the x-Y + j N of the string from the binary digit at the time of the (i + 1) th interceptioniStarting at + x position and cutting out j x Ni+1Wherein N isi+1Intercepting a random number N obtained before the (i + 1) th time;
wherein i is an integer greater than 2, x is a predetermined integer, and N is1For the random number N, N obtained before the first interception2For the random number N, N obtained before the first interceptioni-1For the random number N, N obtained before the i-1 th interceptioniThe random number N obtained before the i-th truncation is obtained.
When the binary digit access strings are intercepted by the N, the binary digit access strings are intercepted at intervals with certain length, so that the advantage of discontinuous interception is that the binary digit access strings are protected from being cracked easily; and the binary digit taking string is circularly intercepted, so that the binary digit taking string is equivalent to a binary digit ring connected end to end, each time of intercepting data only intercepts one section of digits of the binary digit ring, and the use times of the binary digit taking string are prolonged.
In the embodiment, a payment platform is adopted to authenticate the identity of the terminal equipment of the payer, so that the payer generates a dynamic two-dimensional code in the terminal equipment of the payer, and the payee does not need to input a static password in the whole process of completing payment by scanning the two-dimensional code, thereby providing better security for a mobile payer and simplifying the operation steps of a user; meanwhile, both the binary digit access string and the random digit N used in the process of generating the random password by the payment platform and the terminal equipment of the payer are randomly obtained, so that the length of the generated random password is random, the last random password also participates in the generation process of the random password, and the multiple random enables the random password to have the characteristics of difficult deciphering and unrepeatable generation, so that if the random passwords sent by the payment platform and the terminal equipment of the payer are the same, the terminal equipment of the payer can be verified to have the legal identity, and the correctness of the authentication of the terminal equipment of the payer is greatly improved.
Furthermore, the payment information also comprises payment address information of the payer and transaction type or service type or commodity information generated by the terminal equipment of the payer, and after each payment is completed, the payer generates a piece of comprehensive information and stores the comprehensive information into a file for post-processing such as inquiry, summarization and the like; the comprehensive information includes payer account information, payment transaction completion time, payment amount, payment transaction occurrence address, payee account information, and transaction type or service type or commodity information.
In other embodiments, the prepaid request further includes account information of the payer, and after receiving the prepaid request, performing time validity verification and determining that the payment amount does not exceed the preset payment amount, the payment platform generates a random password SB2 according to the payment amount and the random time related to the confirmation of the payment amount, and generates a "payment permission instruction" according to the account information of the payer, the payment amount and the random time related to the confirmation of the payment amount, and returns the "payment permission instruction" to the terminal device of the payer.
The payer terminal equipment verifies the timeliness of the payment permission instruction according to the random time related to the confirmation of the payment amount contained in the received payment permission instruction returned by the payment platform, retransmits the pre-payment request if the timeliness verification is not passed, generates a random password SA2 according to the payment amount contained in the payment permission instruction returned by the payment platform and the random time related to the confirmation of the payment amount if the timeliness verification is passed, compares SB2 with SA2, and retransmits the pre-payment request if SB2 is not equal to SA 2; if SB2= SA2, a two-dimensional code is generated according to the "Payment permission instruction" and displayed for scanning by the payee's payee terminal device.
And the payee terminal equipment scans the two-dimensional code of the payment permission instruction on the payer terminal equipment, analyzes the payment permission instruction contained in the two-dimensional code and forwards the payment permission instruction and the payee account information to the payment platform.
The payer platform reads the random password SB2 in the 'allow payment instruction' to compare with the self-generated random password SB2, if SB2= SA2, the payment request is responded, and the amount required to be paid in the payment request is transferred from the payer account to the payee account; if SB2 ≠ SA2, then payment is denied.
Example 2
This embodiment is different from embodiment 1 in that: the steps of the payment platform receiving the payment request of the payer terminal device are as follows:
after logging in a payment platform, the payer terminal device scans and shoots a collection two-dimensional code of the payee terminal device to obtain payee account information and display the payee information;
the payer terminal equipment inputs the payment amount and displays the payment amount in a special picture form of the payment amount for the confirmation of the payer; preferably, the special picture is a currency picture combination of one or more currency values;
the payer terminal equipment generates a random password SA according to the payment amount and the random time related to the confirmation of the payment amount, and generates a payment request according to the payment amount, the random time related to the confirmation of the payment amount, the random password SA and the account information of the payer;
and the payer terminal equipment sends the confirmed payee account information and the payment request to the payment platform.
In the embodiment, the payment platform is used for authenticating the identity of the terminal equipment of the payer, so that the payee provides a two-dimensional code of account information of the payee, and the payer does not need to input a static password or a dynamic password in the process of finishing payment by scanning the two-dimensional code, thereby providing better security for the mobile payer and simplifying the operation steps of the user.
Example 3
This example is different from examples 1 and 2 in that:
the payer terminal equipment displays the input payment amount in a special picture mode for the payer to confirm in an off-line payment state;
the payer terminal equipment generates a random password SA according to the payment amount and the random time related to the confirmation of the payment amount, and generates a payment request for the payment amount, the random time related to the confirmation of the payment amount, the random password SA and the payer account information and displays the payment request in a two-dimensional code form;
and scanning the two-dimensional code on the payer terminal equipment by the payee terminal equipment, analyzing the payment request contained in the two-dimensional code, and forwarding the payment request together with the account information of the payee to the payment platform.
Specifically, the payment platform issues an offline payment total amount to the payer terminal equipment in advance; after receiving the offline payment instruction, the payer terminal equipment displays the offline payment total amount, the accumulated used offline payment amount and the remaining offline payment amount, wherein the remaining offline payment amount is equal to the sum of the offline payment amount minus the accumulated used offline payment amount; the payer terminal equipment judges whether the input payment amount is less than or equal to the remaining offline payment amount, if the payment amount is greater than the remaining offline payment amount, the offline payment operation cannot be carried out, and the excess amount reminding information is given; and if the payment amount is less than or equal to the remaining offline payment amount, the terminal equipment of the payer displays the payment amount in a special picture form for the payer to confirm the payment amount.
When the remaining offline payment amount of the payer is smaller than the preset amount, the payer can apply for the offline payment total amount to the payment platform again as long as the mobile network exists, and the payer can invalidate all remaining offline payment amounts while approving the newly applied offline payment total amount; if the last payment amount is larger than the remaining offline payment amount, the payment party terminal device gives out the excess amount reminding information, the payment party can reduce the current payment amount, and can reapply the offline payment amount to the payment platform through the payment party terminal device again, and the offline payment is used after authorization.
In the embodiment, a payment platform issues an offline payment limit to a payer, and as long as the payment limit of each time is less than or equal to the sum of the offline payment limit authorized by the payment platform minus the accumulated used offline payment limit, the payer can respond to a payment request, so that the payer can complete mobile payment under the condition that a payee has a network without a mobile network; the method for authenticating the identity of the payer terminal equipment by the payment platform is adopted, so that the payer generates a dynamic two-dimensional code in the payer terminal equipment, and the payee scans the two-dimensional code to complete payment, namely, the payer does not need to input a static password, better safety is provided for the mobile payer, and meanwhile, the operation steps of a user are simplified; because the binary digit access string and the random digit N used in the process of generating the random password by the payment platform and the terminal equipment of the payer are both obtained randomly, the length of the generated random password is also random, and the last random password also participates in the generation process of the random password, and the multiple random enables the random password to have the characteristics of difficult deciphering and unrepeatable generation, so that if the random passwords sent by the payment platform and the terminal equipment of the payer are the same, the terminal equipment of the payer can be verified to have the legal identity, and the correctness of the authentication of the terminal equipment of the payer is greatly improved.
Finally, it should be noted that the above examples are only used to illustrate the technical solutions of the present invention and not to limit the same; although the present invention has been described in detail with reference to preferred embodiments, those skilled in the art will understand that: modifications to the specific embodiments of the invention or equivalent substitutions for parts of the technical features may be made; without departing from the spirit of the present invention, it is intended to cover all aspects of the invention as defined by the appended claims.

Claims (9)

1. A payment method is characterized by comprising the following steps:
the payment platform receives a payment request and payee account information of payer terminal equipment, wherein the payment request comprises the payer account information, payment amount, random time related to confirmation of the payment amount and a random password SA generated by the payer terminal equipment according to the payment amount and the random time related to confirmation of the payment amount;
the payment platform verifies the timeliness of the payment request according to the random time related to the confirmation of the payment amount, generates a random password SB according to the payment amount in the payment request and the random time related to the confirmation of the payment amount after the timeliness verification of the payment request is passed, compares the random password SB with the random password SA, and if the random password SB is not equal to the random password SA, the identity verification of the terminal equipment of the payment party fails and rejects the payment request; otherwise, the payer successfully verifies the identity, responds to the payment request, and transfers the amount of money required to be paid in the payment request from the payer account to the payee account;
the random password generation algorithm is as follows:
adding numbers representing the elements, angles and minutes in the payment amount to obtain a number L, adding the last two digits of the number of years, the number of months, the number of days, the number of hours, the number of minutes and/or the number of seconds of the time related to the payment application to obtain a number T, and adding the number L and the number T to obtain a random number N;
intercepting j-N digits in the binary digit taking string as a binary digit Q, wherein j is an integer larger than zero;
adding the binary number Q and the random password used for the previous time to obtain the random password used for the current time, wherein the initial value of the random password used for the first time is 1;
the binary digit access string is obtained by the following steps:
the method comprises the steps that a payer terminal device randomly obtains a section of image file or audio file or video file;
converting an image file or an audio file or a video file into a binary digital sequence;
traversing the binary digit sequence, and judging whether more than n continuously arranged same digits '1' and/or more than m continuously arranged same digits '0' exist in the binary digit sequence, wherein if so, replacing more than n continuously arranged same digits '1' with one digit '1' and/or more than m continuously arranged same digits '0' with one digit '0', and the replacement result is that no more than n continuously arranged same digits '1' and more than m continuously arranged same digits '0' appear in the converted file, thus obtaining the binary digit sequence after multiple repetitive arrangement, wherein n is more than or equal to 4, and m is more than or equal to 4;
and sequentially intercepting M digits in the binary digit sequence to form a binary digit access string.
2. A payment method as claimed in claim 1, wherein the step of the payment platform receiving the payment request from the payer terminal device is as follows:
the payer terminal device sends a prepayment request to the payment platform, wherein the prepayment request comprises a payment amount, time related to input of the payment amount and a random password SA1 generated by the payer terminal device according to the payment amount and the time related to input of the payment amount;
after receiving the prepayment request, the payment platform verifies the timeliness of the prepayment request, if the timeliness verification is not passed, the prepayment request is rejected, otherwise, a random password SB1 is generated according to the time related to the input of the payment amount and the payment amount; comparing the random password SA1 with the random password SB1, and if the random password SA1 is not equal to the random password SB1, rejecting the prepayment request; if SA1= SB1, further confirming whether the payment amount exceeds the preset payment amount, if so, sending out the reminding information of exceeding the amount to the payer terminal, and refusing the prepayment request, otherwise, returning the random time related to the confirmation of the payment amount to the payer terminal equipment;
after receiving the random time which is returned by the payment platform and is relevant to the confirmation of the payment amount, the payer terminal equipment generates a random password SA according to the payment amount and the random time which is relevant to the confirmation of the payment amount, and generates a payment request according to the payment amount, the random time which is relevant to the confirmation of the payment amount, the random password SA and the payer account and displays the payment request in a two-dimensional code mode;
and scanning the two-dimensional code on the payer terminal equipment by the payee terminal equipment, analyzing the payment request contained in the two-dimensional code, and forwarding the payment request together with the account information of the payee to the payment platform.
3. A payment method as claimed in claim 1, wherein the step of the payment platform receiving the payment request from the payer terminal device is as follows:
after logging in a payment platform, the payer terminal device scans and shoots a collection two-dimensional code of the payee terminal device to obtain payee account information and display the payee information; the payer inputs the payment amount and displays the payment amount in a special picture form for the confirmation of the payer;
the payer terminal equipment generates a random password SA according to the payment amount and the random time related to the confirmation of the payment amount, and generates a payment request according to the payment amount, the random time related to the confirmation of the payment amount, the random password SA and the account information of the payer;
and the payer terminal equipment sends the confirmed payee account information and the payment request to the payment platform.
4. A payment method as claimed in claim 1, wherein the step of the payment platform receiving the payment request from the payer terminal device is as follows:
the payer terminal equipment displays the input payment amount in a special picture mode for the payer to confirm in an off-line payment state;
the payer terminal equipment generates a random password SA according to the payment amount and the random time related to the confirmation of the payment amount, and generates a payment request for the payment amount, the random time related to the confirmation of the payment amount, the random password SA and the payer account information and displays the payment request in a two-dimensional code form;
and scanning the two-dimensional code on the payer terminal equipment by the payee terminal equipment, analyzing the payment request contained in the two-dimensional code, and forwarding the payment request together with the account information of the payee to the payment platform.
5. A payment method as defined in claim 4, wherein: the payment platform issues an offline payment total amount to the payer terminal equipment in advance, after the payer terminal equipment receives an offline payment instruction, the offline payment total amount, the accumulated used offline payment amount and the remaining offline payment amount are displayed, whether the input payment amount is less than or equal to the remaining offline payment amount is judged, and if the input payment amount is greater than the remaining offline payment amount, offline payment cannot be performed; and if the payment amount is less than or equal to the remaining offline payment amount, the payment amount is displayed by the payer terminal equipment in a special picture form for the payer to confirm.
6. A payment method according to any one of claims 3 to 5 wherein: the special picture is a currency picture combination of one or more currency values.
7. A payment method as claimed in any one of claims 1 to 4, wherein: the payer terminal equipment needs to be registered on the payment platform, and the registration information comprises a random password generation algorithm and a randomly acquired binary digit access string.
8. A payment method as recited in claim 1, wherein: when the binary digit fetching string is intercepted for the 1 st time, j × N is intercepted from the first bit of the binary digit fetching string1The digit number is used as a binary number Q; when intercepting the binary digit string at the 2 nd time, taking the jth N of the string from the binary digit1Starting at + x position and cutting out j x N2The digit number is used as a binary number Q; during the ith interception, calculating the residual digit Y of the binary digit string, and judging whether the residual digit Y is greater than or equal to x + j NiIf Y is greater than or equal to x + j NiThen, the bit x of the remaining Y-bit binary digit is cut back by j x NiThe digit number is used as a binary number Q;
if Y is less than x + j NiContinuously judging whether the residual digit Y is greater than x, if so, intercepting the last digit from the x-th digit of the residual Y-digit binary number to obtain a U-digit binary number, and intercepting the j × N from the first digit of the binary number taking stringi-U bit, truncated j x Ni-the first digit of the U-bit binary number is connected to the last digit of the U-bit binary number, generating j x NiThe binary number Q of the bit, and when the (i + 1) th bit is intercepted, the jth × N of the string is taken from the binary numberi-U + x bits start backward truncation;
otherwise, the x-Y +1 bit of the binary digit fetching string is intercepted backwards by j x NiThe binary digit of the bit is used as a binary number Q; taking the x-Y + j N of the string from the binary digit at the time of the (i + 1) th interceptioniStarting at + x position and cutting out j x Ni+1Wherein N isi+1Intercepting a random number N obtained before the (i + 1) th time;
wherein i is an integer greater than 2, x is a predetermined integer, and N is1For the random number N, N obtained before the first interception2For the random number N, N obtained before the second interceptioni-1For the random number N, N obtained before the i-1 th interceptioniThe random number N obtained before the i-th truncation is obtained.
9. A payment method as claimed in any one of claims 1 to 4, wherein: the payment request also comprises payment address information of the payer and transaction type or service type or commodity information generated by the payer terminal equipment, and after each payment is completed, the payer generates a piece of comprehensive information and stores the comprehensive information in a file for inquiry and summary processing; the comprehensive information includes payer account information, payment transaction completion time, payment amount, payment transaction occurrence address, payee account information, and transaction type or service type or commodity information.
CN201910695624.2A 2019-07-30 2019-07-30 Payment method Active CN110533410B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910695624.2A CN110533410B (en) 2019-07-30 2019-07-30 Payment method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910695624.2A CN110533410B (en) 2019-07-30 2019-07-30 Payment method

Publications (2)

Publication Number Publication Date
CN110533410A CN110533410A (en) 2019-12-03
CN110533410B true CN110533410B (en) 2022-02-15

Family

ID=68662035

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910695624.2A Active CN110533410B (en) 2019-07-30 2019-07-30 Payment method

Country Status (1)

Country Link
CN (1) CN110533410B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113762951A (en) * 2021-09-03 2021-12-07 刘高峰 Method, server and system for supporting offline payment limit by multiple payment ends of same user

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101795454A (en) * 2010-02-10 2010-08-04 熊文俊 Method and system of double identity authentication based on mobile communication independent channel
CN106452756A (en) * 2016-11-08 2017-02-22 王栋 Construction verification method and device capable of verifying security two-dimensional code offline
CN106910070A (en) * 2017-02-07 2017-06-30 桂林理工大学 Exempt from close offline electronic payment method with what visible light communication and barcode scanning were recognized
CN109729052A (en) * 2017-10-31 2019-05-07 金子光 The method for improving mobile phone one-key safe in payment

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140006273A1 (en) * 2012-06-29 2014-01-02 Infosys Limited System and method for bank-hosted payments
CN102843236B (en) * 2012-09-12 2014-12-10 飞天诚信科技股份有限公司 Generation and authentication method and system for dynamic password
US10032158B2 (en) * 2013-07-10 2018-07-24 Nec Corporation Settlement system, server device, terminal device, method and program
US11074573B2 (en) * 2017-10-27 2021-07-27 International Business Machines Corporation Processing mobile payments when disconnected from payment servers

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101795454A (en) * 2010-02-10 2010-08-04 熊文俊 Method and system of double identity authentication based on mobile communication independent channel
CN106452756A (en) * 2016-11-08 2017-02-22 王栋 Construction verification method and device capable of verifying security two-dimensional code offline
CN106910070A (en) * 2017-02-07 2017-06-30 桂林理工大学 Exempt from close offline electronic payment method with what visible light communication and barcode scanning were recognized
CN109729052A (en) * 2017-10-31 2019-05-07 金子光 The method for improving mobile phone one-key safe in payment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于身份认证的网络考试系统安全模型研究;贺计文;《中国优秀硕士学位论文全文数据库(信息科技辑)》;20110430;全文 *

Also Published As

Publication number Publication date
CN110533410A (en) 2019-12-03

Similar Documents

Publication Publication Date Title
US8180686B2 (en) Multi-step authentication-based electronic payment method using mobile terminal
US8407112B2 (en) Transaction authorisation system and method
AU2007281028B2 (en) Transaction authorisation system and method
CN101277191B (en) Non-repudiation for digital content delivery
CN102880960B (en) Based on the payment by using short messages method and system of fingerprint recognition mobile phone
US20060005024A1 (en) Dual-path pre-approval authentication method
CN103985036A (en) Two-dimension code payment method with biological characteristics
CN104599408A (en) Third-party account ATM (automatic teller machine) withdrawing method and system based on dynamic two-dimension codes
CN109978533B (en) Offline secure payment system and method for resisting two-dimension code theft
KR20100038990A (en) Apparatus and method of secrity authenticate in network authenticate system
US20090220075A1 (en) Multifactor authentication system and methodology
CN108694580A (en) A kind of payment system and method based on quantum cryptography
CN114529297A (en) Offline transaction method and device based on block chain and storage medium
CN104657860A (en) Mobile banking security authentication method
CN104301288B (en) Online identity certification, online transaction checking, the method and system of online verification protection
CN107453871A (en) Password generated method, password authentication method, method of payment and device
CN110533410B (en) Payment method
US20140136421A1 (en) Method of registering a membership for an electronic payment, system for same, and apparatus and terminal thereof
CN116976890A (en) Multi-sign encryption transaction system of block chain
CN101425901A (en) Control method and device for customer identity verification in processing terminals
KR20130095363A (en) A cash remittance method based on digital codes using hash function and electronic signature
RU2446467C1 (en) Method for ensuring secure mobile financial transactions in mobile communication networks (versions) and architecture for realising said method
JP2007133743A (en) Service providing server and authentication system
KR100563544B1 (en) Method for authenticating a user with one-time password
CN110581820B (en) Financial technology application system and method based on IPV6 and biological recognition technology

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant